Play by the rules: Automation for simplified rule recertification

October 27, 2021
Tsippi Dach
Director of Marketing Communications
Asher Benbenisty
Director of Product Marketing

As time goes by, once-effective firewall rules can become outdated. This results in bloated security policies, which can slow down application delivery. Therefore, best practice and compliance requirements call for rule recertification at least once per year.

While rule recertification can be done manually by going through the comments field of every rule, this is a tedious process that is also prone to human error. Automation, if done right, can simplify the process and help determine which rules are still necessary.

Join security experts Asher Benbenisty and Tsippi Dach to learn about: 

Relevant Resources
Changing the rules without risk: mapping firewall rules to business applications

As IT security becomes ever more business critical, most organizations have accumulated large numbers of complex firewall rulesets across their many security devices. These rulesets are regularly changed and added to and, as a result, they become bloated, in part because security teams are worried about the repercussions of cleaning up. Deleting a rule can be nerve-wracking since it might inadvertently cause an outage, or a gap in the security perimeter.

AlgoSec AppViz – Rule Recertification

In this video you’ll learn how AlgoSec enables you to efficiently and effectively manage the firewall rule recertification process through an application-centric approach. Following this approach, organizations must first identify all relevant business applications each rule supports, enabling you to review the firewall rules quickly and easily.


An Application-Centric Approach to Firewall Rule Recertification: Challenges and Benefits

As part of your organization’s security policy management best practices, firewall rules need to be reviewed and recertified regularly to ensure security, compliance and optimal firewall performance. Firewall rules that are out of date, unused or unnecessary should be removed, as firewall bloat creates gaps in your security posture, causes compliance violations, and impacts firewall performance. In the past, firewall rule recertification was often performed manually, an error-prone and time-consuming process. The new application-centric approach to firewall recertification offers an efficient, effective and automated method of recertifying firewall rules.